Given the ever increasing use of computing devices, security remains an important consideration in controlling access to various systems. The objectives of security in the computer context include the protection of sensitive and valuable information from publication, tampering or destruction by unauthorized activities and untrustworthy individuals. For example, a bank typically has highly sensitive financial information about its customers and a considerable amount of effort goes into securing such bank records and other financial data.
One-time password (OTP) is one form of security scheme in which a password (e.g., OTP code) is used, which is valid for only one login session or transaction. In conventional OTP implementations, a user is provided with a personal token that can be used to generate a one-time password for the user. The user can use this password to log into a secured system, such as a web portal with access to their financial information. OTP based systems can overcome many shortcomings of traditional password based systems; however, conventional OTP systems have a number of limitations.